Description

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the /rest/gadget/1.0/createdVsResolved/generate endpoint. The affected versions are before version 8.16.0.

Remediation

References

CVE-2021-39123

Related Vulnerabilities

WordPress Plugin IMPress Listings Cross-Site Scripting (2.0.1)

Jboss EAP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-2595)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2010-2191)

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-6852)

MySQL CVE-2017-3454 Vulnerability (CVE-2017-3454)

Severity

High

Classification

CVE-2021-39123

Tags

Missing Update Known Vulnerabilities